package com.firmail.config;

import lombok.extern.slf4j.Slf4j;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;

/**
 * Created by dzs on 2017/5/27.
 */
@Configuration
@EnableResourceServer
@Slf4j
public class ResourceServerConfiguration extends ResourceServerConfigurerAdapter {

    @Override
    public void configure(HttpSecurity http) throws Exception {
        http.csrf().disable()
                .authorizeRequests()
                .regexMatchers(".*swagger.*", ".*v2.*", ".*webjars.*", "/user/login.*", "/user/registry.*", "/user/test.*").permitAll()
                .antMatchers("/**").authenticated()
                .antMatchers("/**").permitAll();
    }


    /*@Override
    public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
        log.info("Configuring ResourceServerSecurityConfigurer ");
        resources.resourceId("ois-mock-center").tokenStore(tokenStore);
    }

    @Autowired
    TokenStore tokenStore;*/


    /*@Override
    protected void configure(HttpSecurity http) throws Exception {
        http.csrf().disable();
        http
                .authorizeRequests()
                .antMatchers("**.css").permitAll()
                .antMatchers("/u/**").hasRole("NORMAL")
                .antMatchers("/admin/**").hasRole("ADMIN")
                .and()
                .formLogin()
                .loginPage("/login")
                .permitAll()
                .and()
                .logout()
                .logoutSuccessUrl("/")
                .permitAll();
    }

    @Autowired
    DataSource dataSource;
    @Autowired
    public void configAuthentication(AuthenticationManagerBuilder auth) throws Exception {
        auth.jdbcAuthentication().dataSource(dataSource)
                .usersByUsernameQuery(
                        "select username as principal,password as credentials,enable from sys_user where username=?")
                .authoritiesByUsernameQuery(
                        "SELECT u.username as principal,r.name as role " +
                                "from sys_user u " +
                                "INNER JOIN sys_user_role ur ON u.id = ur.sys_user_id " +
                                "INNER JOIN sys_role r ON ur.sys_role_id = r.id " +
                                "WHERE u.username=?")
                .rolePrefix("ROLE_");
    }*/
}
